>Signing the From: header is currently required, but suppose it weren't:
Then bad guys can take list messages and resend them with forged return addresses and still have a valid signature. Does anyone think this is a good idea? I think the way we all expect to use DKIM is that a message comes in, we check the signature, then we look up the signing domain in some sort of reputation system, be it a local whitelist or something fancier, then if the reputation is good we accept the mail, if it's bad we reject it, and if there's no reputation, we fall back and do what we would have done otherwise. With this model, I have a lot of trouble envisioning a scenario where I would want list mail signed by anything other than the list. If there is old list software that doesn't sign and it happens to pass signed messages, fine, but if the list software is DKIM aware at all, I want it to sign so I can recognize list mail. R's, John _______________________________________________ ietf-dkim mailing list http://dkim.org
